Identity Provider (IDP)

Prerequisites

  • Dedicated server running Windows Server 2012 R2 or higher with at least 4 GB RAM and dual cores.
  • SQL Server Express
  • Webserver certificate from a trusted Certificate Authority.
  • Dotnet Core Hosting Bundle microsoft.com
  • Completed section about installation of Internet Information Service (IIS).
Please note that all installations must be run as an administrator with elevated privileges.

Installing

Download the Dotnet Core Hosting Bundle from this page [microsoft.com](https://dotnet.microsoft.com/download/thank-you/dotnet-runtime-3.0.0-windows-hosting-bundle-installer) and install it before proceeding.

  1. Start the nodeProtect Identity Provider setup (nodeProtect.IDP.msi) as an administrator from an elevated CMD prompt. Identity Provider (IDP)

  2. On the license agreement dialog read and accept the license agreement terms.Identity Provider (IDP)

  3. Choose destination folder for installation.Identity Provider (IDP)

  4. Click Install to begin installation.Identity Provider (IDP)

  5. Verify that the installation was successfull.Identity Provider (IDP)

  6. Important: Restart the server.

  7. Configure the IIS by opening the IIS Manager. Add a new website as displayed below.Identity Provider (IDP)

  8. Enable Windows Authentication on the nodeProtectIDP site.Identity Provider (IDP)

  9. (Important: If the error below occurs when trying to configure ‘Windows Authentication’, please verify that the ‘Dotnet Core Hosting Bundle’ has been installed successfully and restart server).Identity Provider (IDP)

  10. Modify the application pool nodeProtectIDP as displayed below.Identity Provider (IDP)

  11. Click on Advanced Settings on the application pool and change “Enable 32-bit Application” to True and change “Idle Time-out (minutes)” to 0. Click OK to save.Identity Provider (IDP)

  12. Modify the permission on the nodeProtect folder. Add the local group IIS_IUSRS with Modify permission.Identity Provider (IDP)

  13. Create a new local group named nodeProtect Default Tenant and add administrative user or group you want to be able to access nodeProtect Admin Portal Site. If you are logged on with the account added to this group, remember to logoff and logon for the configuration to be effective.Identity Provider (IDP)

  14. Edit the “$env:ProgramFiles\nodeProtect\Idp\appsettings.json” file and Clients section:
    • Change the DefaultConnection to (and change password): 

    "DefaultConnection": "Server=.\\SQLExpress;Database=nodeProtect.Idp;User Id=nodeProtectIdp;Password={Password};MultipleActiveResultSets=true"
    • Change the RedirectUris and PostLogoutRedirectUris to point to the intended Admin Web URI and port (installed in at a later stage in this document).
    • Also, in the ADAccessGroup define the newly created local group to access the portal.Identity Provider (IDP)

  15. Recycle the application pool.Identity Provider (IDP)

  16. Identity Provider (IDP) installation completed. Continue to Administration Web Portal.